CVE-2020-5541

Опубликовано: 25 авг. 2020

Источник: nvd

CVSS3: 6.1

CVSS2: 5.8

EPSS Низкий

Описание

Open redirect vulnerability in CyberMail Ver.6.x and Ver.7.x allows remote attackers to redirect users to arbitrary sites and conduct phishing attacks via a specially crafted URL.

Ссылки

https://gist.github.com/tonykuo76/ffdaa7bfabf2205dc5bac010eee38509
Third Party Advisory
https://jvn.jp/en/jp/JVN46258789/
Third Party Advisory
https://sup.cybersolutions.co.jp/otrs/customer.pl?Action=CustomerFAQZoom%3BItemID=985
https://www.chtsecurity.com/news/cf5742f8-a676-43c2-a8b9-bff17f452823
Third Party Advisory
https://gist.github.com/tonykuo76/ffdaa7bfabf2205dc5bac010eee38509
Third Party Advisory
https://jvn.jp/en/jp/JVN46258789/
Third Party Advisory
https://sup.cybersolutions.co.jp/otrs/customer.pl?Action=CustomerFAQZoom%3BItemID=985
https://www.chtsecurity.com/news/cf5742f8-a676-43c2-a8b9-bff17f452823
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:cybersolutions:cybermail:6.0:*:*:*:*:*:*:*

cpe:2.3:a:cybersolutions:cybermail:7.0:*:*:*:*:*:*:*

EPSS

Процентиль: 68%

0.00555

Низкий

6.1 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-601

Связанные уязвимости

GHSA-48hj-q7m7-jr56